I removed misleading entry on MD5

I have removed the entry I made yesterday about how to set your assembly to use MD5 as a hash algorithm instead of the default SHA1. I didn't want someone to find the entry and think that I was right in saying it was a way to be “safer”... so I am currently digging into Richter's book and Rotor code to come up with a replacement entry. Goal now is to use SHA256 or any other algorithm that comes with the framework...

By the way thanks goes out to Scott Galloway ( http://www.mostlylucid.co.uk ) for pointing out my oversight. Scott also point to this article on the cracking of MD5: http://www.techworld.com/storage/news/index.cfm?NewsID=2121

posted on Sunday, February 27, 2005 4:06 AM

Feedback

# re: I removed misleading entry on MD5

It was a really intersting post though, I wasn't even aware that you *could* switch the hash algorithm. The fact that this is possible and the method you mentioned to do it is very valuable. Any idea if the same applies to ViewState - since they're also lopcked down to using MD5 / SHA-1 they're theoretically (the the same attacks ; in practice it's very unlikely that this would be an actual issue...

2/27/2005 2:01 AM | Scott Galloway

Post Comment

Title

Name

Url

Comment

Remember Me?


Please enter the following code into the box below to stop spammers
	Enter Code Here *

# re: I removed misleading entry on MD5

My Links

Archives

Post Categories